Industrial Defender Examines Integrating Security, Compliance, Change

In January, Industrial Defender, in conjunction with Pike Research, issued the report, Convergence in Automation Systems Protection. This week, Manufacturing.net published an article highlighting the key findings from the report, such as the importance of governance and regulatory compliance. This article focuses on the report's examination of the changing dynamics in the automation systems market and how it shows the driving demand among critical infrastructure operators for new, integrated appro << More >>

Cyber Warfare Conflation

There were another two pieces in the mass media last week on cyber warfare (CBS and ABC). The media generally gets the story straight, but spends little effort making sure the listener/reader understands it all. The problem is that there are several kinds of adversaries that get discussed, and several kinds of targets, with several kinds of motivations. If listeners and readers don’t already know what’s up, it is easy to mix up who is doing what to whom and get confused about how vu << More >>

Network Anomaly Detection Underappreciated

Industrial Defender field personnel almost never see enterprise-class anomaly detection products deployed on industrial networks, yet we see anomaly detection techniques used routinely. In the course of doing the work for my anomaly detection presentation at the ICSJWG Spring Conference, it became clear that our customers appreciate the ability to see and understand their network communications patterns every bit as much as they appreciate seeing alerts when communications patterns change. The s << More >>

ICSJWG 2010 Spring Conference

Highlights of the spring conference: The plant security working group of the WIB International Instrument User’s Association (www.wib.nl) has published report “M 2784 X10” entitled “Process Control Domain – Security Requirements for Vendors”. Shell was a driving force behind this standard available for download here (note: WIB permission is needed to redistribute). Shell is starting to require their vendors to certify against M-2784 and Wurldtech is putting t << More >>

Patching – State of the Practice

At the recent SCADA & Control Systems Security Summit I was struck by the diversity of opinion and practice on the topic of patching critical control systems. On one hand, there was pretty much unanimous agreement that keeping systems patched was part of good host hardening and helped to make process control system hosts harder to break into. On the other hand, there were huge differences in how patched people kept their control systems. Routine Patching At one extreme was a business which h << More >>

Application Whitelisting and Control Systems

I just got back from the Digital Bond SCADA Security Scientific Symposium (S4) where I presented on whitelisting. Whitelisting is the “hot new” host intrusion prevention system (HIPS) technology that some tout as the end of the anti-virus (AV) era. Anti-virus of course works by producing a “black list” of virus signatures. If data or a file matches a signature, the AV technology takes some sort of action to protect your system – anything from a popup alert to blocki << More >>